Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Citrix Gateway Open Redirect And XSS Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity XML external entity injection via File Upload CWE-611 CWE-611 Critical XML quadratic blowup denial of service attack CWE-400 CWE-400 High XOOPS CVE-2009-3963 Vulnerability (CVE-2009-3963) CVE-2009-3963 High XOOPS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3822) CVE-2011-3822 CWE-200 CWE-200 Medium XOOPS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2006-2516) CVE-2006-2516 CWE-22 CWE-22 Medium XOOPS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0612) CVE-2008-0612 CWE-22 CWE-22 High XOOPS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-3296) CVE-2008-3296 CWE-22 CWE-22 High XOOPS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-6884) CVE-2008-6884 CWE-22 CWE-22 Medium XOOPS Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-0613) CVE-2008-0613 CWE-59 CWE-59 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2003-1453) CVE-2003-1453 CWE-707 CWE-707 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2004-2756) CVE-2004-2756 CWE-707 CWE-707 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2035) CVE-2008-2035 CWE-707 CWE-707 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3295) CVE-2008-3295 CWE-707 CWE-707 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-4432) CVE-2008-4432 CWE-707 CWE-707 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-4435) CVE-2008-4435 CWE-707 CWE-707 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6885) CVE-2008-6885 CWE-707 CWE-707 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-2783) CVE-2009-2783 CWE-707 CWE-707 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4565) CVE-2011-4565 CWE-707 CWE-707 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0984) CVE-2012-0984 CWE-707 CWE-707 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7944) CVE-2017-7944 CWE-707 CWE-707 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12139) CVE-2017-12139 CWE-707 CWE-707 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16683) CVE-2019-16683 CWE-707 CWE-707 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16684) CVE-2019-16684 CWE-707 CWE-707 Medium XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-36217) CVE-2023-36217 CWE-707 CWE-707 Critical XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2002-2391) CVE-2002-2391 CWE-138 CWE-138 High XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0611) CVE-2008-0611 CWE-138 CWE-138 High XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-4433) CVE-2008-4433 CWE-138 CWE-138 High XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5665) CVE-2008-5665 CWE-138 CWE-138 High XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-7290) CVE-2017-7290 CWE-138 CWE-138 High XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-11174) CVE-2017-11174 CWE-138 CWE-138 Critical XOOPS Other Vulnerability (CVE-2005-0743) CVE-2005-0743 High XOOPS Other Vulnerability (CVE-2005-2112) CVE-2005-2112 Medium XOOPS Other Vulnerability (CVE-2005-2113) CVE-2005-2113 High XOOPS Other Vulnerability (CVE-2005-3680) CVE-2005-3680 Medium XOOPS Other Vulnerability (CVE-2006-5810) CVE-2006-5810 Medium XOOPS Other Vulnerability (CVE-2007-0377) CVE-2007-0377 High XOOPS Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4851) CVE-2009-4851 CWE-264 CWE-264 Medium XOOPS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-12138) CVE-2017-12138 CWE-601 CWE-601 Medium XPath injection vulnerability CWE-643 CWE-643 High XSLT injection CWE-91 CWE-91 High XSS on Apache HTTP Server 413 error pages via malformed HTTP method CVE-2007-6203 CWE-79 CWE-79 Medium YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-4092) CVE-2021-4092 CWE-352 CWE-352 Medium YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0269) CVE-2022-0269 CWE-352 CWE-352 High YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4111) CVE-2021-4111 CWE-20 CWE-20 Medium YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4117) CVE-2021-4117 CWE-20 CWE-20 Medium YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4107) CVE-2021-4107 CWE-707 CWE-707 Medium YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4116) CVE-2021-4116 CWE-707 CWE-707 Medium YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4121) CVE-2021-4121 CWE-707 CWE-707 Medium YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1340) CVE-2022-1340 CWE-707 CWE-707 Medium YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2829) CVE-2022-2829 CWE-707 CWE-707 Medium YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2885) CVE-2022-2885 CWE-707 CWE-707 Medium YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2890) CVE-2022-2890 CWE-707 CWE-707 Medium YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2924) CVE-2022-2924 CWE-707 CWE-707 Medium YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3000) CVE-2022-3000 CWE-707 CWE-707 Medium YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3002) CVE-2022-3002 CWE-707 CWE-707 Medium YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3004) CVE-2022-3004 CWE-707 CWE-707 Medium YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3005) CVE-2022-3005 CWE-707 CWE-707 Medium YetiForce CRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-1411) CVE-2022-1411 CWE-434 CWE-434 Medium Yii2 debug toolkit CWE-200 CWE-200 Medium Yii2 Gii extension CWE-200 CWE-200 Medium Yii2 weak secret key CWE-693 CWE-693 Medium Yii debug mode enabled CWE-16 CWE-16 Medium Yii running in dev mode CWE-16 CWE-16 Medium YOURLS Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2019-14537) CVE-2019-14537 CWE-843 CWE-843 Critical YOURLS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0088) CVE-2022-0088 CWE-352 CWE-352 High YOURLS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3824) CVE-2011-3824 CWE-200 CWE-200 Medium YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-8488) CVE-2014-8488 CWE-707 CWE-707 Medium YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-27388) CVE-2020-27388 CWE-707 CWE-707 Medium YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3783) CVE-2021-3783 CWE-707 CWE-707 Medium YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3785) CVE-2021-3785 CWE-707 CWE-707 Medium YOURLS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2021-3734) CVE-2021-3734 CWE-1021 CWE-1021 High YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4207) CVE-2010-4207 CWE-707 CWE-707 Medium YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4208) CVE-2010-4208 CWE-707 CWE-707 Medium YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4209) CVE-2010-4209 CWE-707 CWE-707 Medium YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4710) CVE-2010-4710 CWE-707 CWE-707 Medium 1...272273274275 273 / 275